logo inner

SME Information Security Analyst - TS/SCI Required

cfocussoftwareMultiple StatesOnsite
This job is no longer open
cFocus Software is seeking an SME Information Security Analyst to join our program supporting CISA in Arlington, VA or Pensacola, FL.  This position requires active TS/SCI clearance.

Qualifications:


  • Active TS/SCI clearance
  • 10+ years of proven experience performing security controls.
  • Active CASP+, CySA+, or CISSP certification
  • Possess excellent verbal and written communication skills; have knowledge, skills, abilities, and experience with common assessment & authorization (A&A) application platforms (e.g. eMASS, CSAM, Xacta is preferred) for performing tasks in Section 6.3. and strong architecture, network and infrastructure security, or next gen security expertise (agile/hybrid agile, cloud).
  • The SME Information Security Analyst must have extensive experience working with various security methodologies and processes, compliance controls related to cloud security, performing assessments in cloud computing environment, extensive experience providing analysis and trending of vulnerability data form a large number of heterogeneous devices, and must possess expert knowledge in risk and vulnerability management.
  • 10+ years of experience with Reverse Engineering, Computer Forensics, Adversarial Emulations, Incident Response, Vulnerability Assessment and Management, Risk and Threat Mitigation, and Penetration Testing
  • 10+ years of technical experience using concepts such as (SaaS, PaaS, & IaaS)
  • 10+ years of experience working with AWS, Kubernetes, Dockers, Linux, Windows

Duties:


  • Responsible for leading the RMF assessment, authorization, and monitoring steps for systems following NIST and ICD 503 standards and best practices.
  • Maintain ongoing knowledge of Federal policies and practices related to cyber security
  • Participate in the RMF process providing Authorization and Assessment (A&A) support to include the review of risk trade off analysis required to recommend risk acceptance and authorization decisions.
  • Support all activities to maintain security authorization of each system, which include but are not limited to: monitoring status of POA&Ms until closure, annual assessments, continuous monitoring, and (future) ongoing authorization activities as required by DHS policy.
  • Perform impact analysis of the requirements through evidence-based reasoning and risk management needed to create and maintain a defensible security posture for the program.
  • The Contractor may be required to perform assessments for two or more different systems simultaneously

This job is no longer open

Life at cfocussoftware

Thrive Here & What We Value1. Remote collaboration within U.S. DOT with cross-functional teams2. Foster collaborative team culture through knowledge sharing3. Promote work-life balance and employee well-being
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025